
U nited States Extent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER OF PATENTS AND 

Washington, D C. 20231 

www. uspto.gov 




APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



C0NF1 



09/237,016 



01/25/1999 



LA VAUGHN F. WATTS JR. 



M-6084US 



9706 



24251 7590 03/13/2002 

SKJERVEN MORRILL MACPHERSON LLP 
25 METRO DRIVE 
SUITE 700 

SAN JOSE, CA 95110 



EXAMINER 



ART UNIT 



JACKSON, JENISE E 

n 



PAPER NUMBER 



2131 

DATE MAILED: 03/13/2002 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 07-01) 



Office Action Summary 



Application No. 

09/237,016 



Examiner 

Jenise E Jackson 



Applicant(s) 

WATTS ET AL. 



Art Unit 

2131 



~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 



2a)D This action is FINAL. 2b)[K) This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-42 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) IE) Claim(s) 1-5 and 9-42 is/are rejected. 

7) E3 Claim(s) 6-8 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
1 !)□ The proposed drawing correction filed on is: a)D approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§ 119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)D All b)D Some * c)Q None of: 

Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . - 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 
Attachments) 

1) S Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) Paper No(s). 

2) [3 Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) □ Notice of Informal Patent Application (PTO-1 52) 

3) ^ Information Disclosure Statement(s) (PTO-1 449) Paper No(s) 6 . 6) □ Other: 



U.S. Patent and Trademark Office 
PTO-326 (Rev. 04-01) 



Office Action Summary 



Part of Paper No. 6 





Application/Control Number: 09/237,016 
Art Unit: 2131 



Page 2 



Claim Rejections- 35 USC 101 



1. 



35 U.S.C. 101 reads as follows: 



Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 



requirements of this title. 

2. The invention as recited in claim 40 is directed to an access token for use with a 
computer system that contains security policies, and access code. The Examiner asserts that 
because the applicant does not provide a definition of a token, the Examiner looks to the 
Dictionary for the definition. According to Microsoft Computer Dictionary, a token is defined as 
a unique data structure(see pg. 389). Therefore, because claim 40 is directed to a data structure 
that contains software, which is merely security polices and a access code stored on the token 
than, the Examiner asserts that the access token alone does not constitute statutory subject 
matter. Therefore, the claim is rejected. See MPEP 2 1 07-2 1 07.02 



3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

4. Claims 34 and 39 are rejected under 35 U.S.C. 112, second paragraph, for failure to 
further limit the claims. As per claim 34 which states preparing an access token for the computer 
system does not further limit claim 29 from which it depends. Also, claim 39 which states 
wherein the access token does not further limit claim 35. 



Claim Rejections - 35 USC § 112 
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Claim Rejections - 35 USC §103 



5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



6. Claim 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Angelo and 
Authoritative Dictionary of IEEE Standards. 

7. As per claim 1, Angelo discloses a computer system(see fig. 1 , sheet 1 , and col. 4, lines 
39-40), a processor(102)(see fig. 1, sheet 1, and col. 4, lines 49-50), an access token 
communicator(i.e. probe) for reading a token(i.e. smartcard)(see col. 6, lines 13-15, 33-36), an 
input device(158) of being capable of being coupled to the processor(see fig. 1 , sheet 1 ) 9 the 
input device being adapted to receive verification data, because Angelo discloses that the user is 
required to enter a password, and the password that is entered is verified (see col. 3, lines 40-48). 
Thus, if the two passwords match(i.e. verification data), than this confirms that the user is 
authorized to use the access token(see col. 3, lines 46-48). 

8. According to the Authoritative Dictionary of IEEE Standards, security level is defined as 
a hierarchical level whose purpose is to indicate degree of sensitivity to a designated security 
threat. It indicates a specific level of protection as specified by the security policy being 
enforced(see pg. 1015). Thus, since Angelo discloses security levels than Angelo discloses a 
security policy. Angelo discloses security policies(i.e. security levels) that can require different 
levels of access by having different passwords(see col. 13, lines 19-22), thus access to the 
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resources will be based on what password the user has been granted. Furthermore, Angelo 
discloses a software system executable on the processor, and including a system security process 
controlling operational access to the processor, because Angelo discloses that an access token 
communicator for reading data on the token and comparing the data that is inputted with the data 
that is stored on the token. Thus, the comparison of the data, contains software inherent in order 
verify the user to a particular resource. Also, Angelo discloses an access token and verification 
data(see col. 3, lines 33-38), setting security policies(i.e. levels), and controlling access to 
resources based on the security policies(i.e. levels)(see col. 13, lines 18-22). 

9. The Examiner takes Official Notice that it is well-known in the art to have a software 
system that contains executable program code, the motivation is that the executable program 
code is a complied program translated into machine code in a format that can be loaded into 
memory and run by a computer's processor. Thus, the motivation of having executable program 
code is that it allows the software to run. 

10. As per claim 2, Angelo discloses a non-volatile storage device operably coupled to the 
processor(see fig. 1, sheet 1), and a non-volatile storage device(see col. 5, lines 57-60) access 
password that selectively allows access to the nonvolatile storage device, wherein the nonvolatile 
storage device password is supplied in response to the access token reading device reading an 
access token and the input device receiving verification data(see col. 7, lines 54-58, col. 8, lines 
19-25, 37-40). 

11. As per claim 3, Angelo discloses at least one of the one or more policies(i.e. security 
levels) is stored within the nonvolatile storage device password(see col. 13, lines 12-14, 19-25, 
34-43). 
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12. As per claim 4, Angelo discloses wherein at least one of the one or more policies(i.e. 
levels)is stored on the access token, because Angelo discloses that the user can have varying 
levels of access based on the password, thus when the user enters the password, this password is 
encrypted and compared to a encrypted value stored on the card(see col. 13, lines 19-24. 29-40). 

13. As per claim 5, Angelo discloses that one of the one or more policies(i.e. levels 
corresponds to the verification data, because Angelo discloses that when the user enters different 
passwords that are associated with different levels(i.e. policies) of access to the computer system, 
and if the user's password matches the password stored on the token(i.e. verification data), than 
the user is allowed access to certain resources based on the password that the user receives(see 
col. 13, lines 19-23, 30-43). 

14. As per claim 9, a password corresponding to the nonvolatile storage device access 
password(i.e. peripheral password) is stored on the access token(see col. 3, lines 41-44). 

15. As per claims 10-11, Angelo discloses that the access token(i.e. smartcard) includes one 
or more bytes of data in a non-keyboard enterable format(i.e. biometrics)(see col. 7, lines 47-53). 

16. As per claim 12, Angelo discloses wherein the verification data(i.e. password entered by 
way of biometrics) includes biometric data supplied by a user(see col. 7, lines 47-53). 

17. As per claim 13, Angelo discloses that the input device includes a keyboard for entering 
in the password, and the verification data includes a password(i.e. PIN)stored on the card(see col. 
3, lines 40-48). 

18. As per claim 14 recites the same limitations as claims 1-2, except Angelo discloses one 
or more policies(i.e. levels) associated with the operating system, and wherein the operating 
system includes security code selectively enabled by the one or more policies to limit access to 
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the computer system responsively to an access token read by the access token communication 
device(see col. 7, lines 15-25, 43-50, and col 13, lines 18-25). 

19. As per claim 1 5, the access token further includes verification data, wherein the access 
token is read in response to the input device receiving authentication data corresponding to the 
verification data(see col. 3, lines 32-44). 

20. As per claim 16, Angelo discloses the operating system includes a BIOS and wherein the 
BIOS is stored on nonvolatile memory that is electrically interconnected to the one or more 
processors(see col. 7, lines 15-22, fig. 1, sheet 1). 

21. As per claim 17, Angelo discloses the access token communication device includes a 
smart card communication device(see col 6, lines 13-22, 33-36). 

22. As per claim 18, Angelo discloses the access token communication device includes 
network circuitry (i.e. adapted to receive signals) from one or more computers interconnected on 
a computer network(col. 5, lines 17-20, 51-53). 

23. As per claim 19, Angelo discloses the access token communication device includes a 
modem that receives signals from a communication line. 

24. As per claim 20, wherein the input device is a keyboard(159)(see fig. 1, sheet 1 . col. 9, 
lines 49-50) 

25. As per claim 21, Although Angelo does not expressly disclose a biometric reading 
device, Angelo does disclose that the user can input information by using a biometric device(see 
col. 7, lines 50-53). The Examiner takes Official Notice that a biometric reading device is well- 
known, thus it would be obvious to have a biometric reader, because the motivation is that a 
biometric reader allows one to read the biometric data input by the user. 
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26. As per claims 22-23, Although Angelo discloses a fingerprint scanner; a retinal scanning 
device(i.e. biometrics)(see col. 7, lines 50-53). 

27. As per claim 24, Angelo discloses the nonvolatile storage device includes a hard disk 
drive(see col. 5, lines 56-59). 

28. As per claim 25, Angelo discloses a data access code stored in the nonvolatile memory, 
wherein a data request code corresponding to the data access code alters a state of the nonvolatile 
storage device, because Angelo discloses that if the data request code corresponds to the data 
access code(i.e. peripheral password stored in storage), than the state is altered by unlocking the 
storage device from locked to unlocked(see col. 9, lines 32-38, 43-48). 

29. As per claim 26 rejected under same basis as claim 14, except storing a master password 
on the access token. Although, Angelo does not specifically disclose storing a master password, 
Angelo does disclose that a user may have different levels of access based on a distinct 
password(see col. 13, lines 18-22). Therefore, one would have been motivated to have a distinct 
password that is master password on the access token, because it is well-known in the art to have 
a master password that allows a user to have access to all network resources. 

30. As per claim 27, Angelo discloses storing a password corresponding to the nonvolatile 
storage device password on the nonvolatile storage(see col. 9, lines 13-32, 51-54). 

31. As per claims 28, 41-42 recite the same limitations as claim 14, except setting security 
policies(i.e. security levels) in the information handling system(i.e. computer)(see col. 13, lines 
18-22); unlocking a nonvolatile storage device on the information handling system(i.e. 
computer)(see col. 9, lines 13-38, 43-54). 
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32. As per claim 29, Angelo discloses the computer system of Angelo is already 
assembled(see fig. 1, sheet 1). 

33. As per claim 30, initializing a system password installed on the computer system(see col. 
3, lines 40-44, col. 8, lines 19-21). 

34. As per claim 3 1 , rejected under the same basis as claim 2. 

35. As per claim 32, configuring includes modifying a nonvolatile memory installed in the 
computer system(see col. 5, lines 57-63). 

36. As per claim 33, Angelo does not specifically disclose retaining a copy of the nonvolatile 
storage device password at a location removed from the computer; however, it is well-known to 
retain a copy of a nonvolatile storage device password at a location removed from the computer 
system, the motivation is that retaining a copy of a password at a location removed from the 
computer, is a protective security measure. 

37. As per claim 34, the access token disclosed in Angelo is prepared, because Angelo 
discloses a token reader(i.e. probe) that reads the data from the token(see col. 3, lines 30-37). 

38. As per claims 35, and 39, Angelo discloses that transferring one or more passwords from 
the access token to a computer system, because once the user enters the password, and the 
password is encrypted to produce a peripheral password the peripheral password is transferred to 
a computer system that contains a storage device(see col. 9, lines 33-35, 43-48). 

39. As per claim 36, Angelo discloses transferring is in response to an access code received 
by the access token, because Angelo discloses that the access code(i.e. password) is inputted by 
the user(see col. 3, lines 40-41), and then transferred to the computer system(see col. 3, lines 44- 
48). 
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40. As per claims 37-38, wherein one of the one or more passwords corresponds to a 
computer system password installed on the computer system(see col. 8, lines 20-23), and 
wherein one of the one or more passwords corresponds to a nonvolatile storage device password 
installed on a nonvolatile storage device(see col. 9, lines 12-32). 

41. As per claim 40, wherein the one or more security policies(i.e. levels) are stored in an 
encrypted format, because based on the password that the user has entered is encrypted and this 
encrypted key has policies that are associated that allow a user to access certain resources or 
devices(see col. 3, lines 37-48, and col. 13, lines 18-26). Further, Microsoft Computer 
Dictionary defines a data stream to be a byte-by-byte flow of data(see pg. 110). Therefore, a 
data stream(i.e. password) is bytes of data. 



41. As per claims 6-8 are objected to as being dependent on rejected base claims. 



42. U.S. 6, 282,649 
U.S. 5,325,430 
U.S. 6,308,273 
U.S. 5,048,085 
U.S. 6,260,111 
U.S. 5,548,721 
U.S. 5,191,611 
U.S. 6,005,942 



Claims Objected To 



Cited But Not Applied 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E Jackson whose telephone number is (703) 306-0426. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 p.m.) alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gail Hayes can be reached on (703) 305-971 1 . The fax phone numbers for the 
organization where this application or proceeding is assigned are (703) 305-0040 for regular 
communications and (703) 308-6306 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 305-3900. 



March 11,2002 




GAIL HAYES 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



